asciilifeform: if there is one otp key, and it gets used two or more times, with mircea_popescu controlling the input and knowing anything whatsoever about the output, he learns the key trivially.

asciilifeform: this is kindergarten material.

asciilifeform: one otp bit, one xor.

asciilifeform: this is not how otp is used.

asciilifeform: no two xors with one motherfucking bit.

asciilifeform: ever.

asciilifeform: otp doesn't get reused.

asciilifeform: no good.

asciilifeform: aha so same rules as randi.

asciilifeform: the way i read it, the 'if' is whether mircea_popescu can demonstrate convincingly higher than chance guessatronics.

asciilifeform: mircea_popescu: what's the if

asciilifeform: sure.

asciilifeform: anyway i will play if experiment is specified such that mircea_popescu has 100:1 or less odds of winning based on pure guessing ('telepathy')

asciilifeform: otherwise can immediately decode 'which one' based on length.

asciilifeform: same length bitstrings.

asciilifeform: punkman: not problem, but must specify this, otherwise somebody wins/loses on an idiot technicality that teachs nothing

asciilifeform: (and it goes without saying that the plaintexts must be same length)

asciilifeform: as in, he gets, say, 700 out of 1000

asciilifeform: gotta be a statistically standing result.

asciilifeform: i'm not playing flippsies

asciilifeform: wai wut

asciilifeform: who wants to referee ? jurov ? kakobrekla ?

asciilifeform: but why beat the horse? i'm willing to play !

asciilifeform: not ALL.

asciilifeform: crc is built to survive a small fixed percentage (typically 1 in 9) of flipped bits.

asciilifeform: nope. because i read shannon.

asciilifeform: (perhaps he is trying to teach us something ?)

asciilifeform: i will ~happily~ play with mircea_popescu if he insists on betting against arithmetic...

asciilifeform: for 10 b. even.

asciilifeform: if you would like to specify this game in a way that doesn't reduce to gambling on coin flips, i will play.

asciilifeform: my contention is that in your case 'recover' == guess.

asciilifeform: those 'bits' are still 'in there.'

asciilifeform: this is basic theory per shannon.

asciilifeform: still want to play ?

asciilifeform: (i.e. they are independent streams)

asciilifeform: so long as the latter has no feedback from the former

asciilifeform: just as in the old thread where we demonstrate that trng XOR hitler's rng is still trng.

asciilifeform: (when xoring against properly random string)

asciilifeform: xoring the bits does not preserve their statistical distribution.

asciilifeform: let's put it this way,

asciilifeform: in the original challenge it does also.

asciilifeform: actually this contradicts the xor lemma.

asciilifeform: specifying wtf you're doing, clears the mind

asciilifeform: i see where mircea_popescu is going

asciilifeform: telepaths - straight to j. randi, plox

asciilifeform: also try randi first, he pays 1M usd

asciilifeform: mircea_popescu: specify the experiment ?

asciilifeform: the ciphertext literally tells you nothing useful, other than an upper bound for the length

asciilifeform: you can guess the message just as easily with telepathy, at home.

asciilifeform: mircea_popescu: think about it, with otp, there is no reason for you to actually intercept the ciphertext

asciilifeform: think about it. the ciphertext conveys LITERALLY NO information without the key.

asciilifeform: because they are all equally probable.

asciilifeform: no.

asciilifeform: an actual otp conveys no information whatsoever via the ciphertext.

asciilifeform: not so.

asciilifeform: )

asciilifeform: (but, the hard part, same one on both ends

asciilifeform: ergo the linked thread, where i posit that an ideal otp is actually a physical object which brings the bits somehow into existence one at a time

asciilifeform: (the latter is a common concern in all crypto)

asciilifeform: or captured, and then funkspieled

asciilifeform: yet another is to have the pad surreptitiously copied by the enemy

asciilifeform: another is to have anything other than a true physical rng generating the pad.

asciilifeform: (see, e.g., famously the 'venona' case)

asciilifeform: one is to ~ever, for any reason~ reuse any portion of the pad.

asciilifeform: there are several possible ways to die when otp

asciilifeform: punkman: you can't compress random crud

asciilifeform: for education of n00bz, i will briefly elaborate here.

asciilifeform: http://log.bitcoin-assets.com/?date=03-02-2016#1394833 << obligatory otp megathread ☝︎

asciilifeform: (typically via xor operation)

asciilifeform: where 1 key bit is used, precisely once, to encipher 1 bit of plaintext into 1 bit of ciphertext.

asciilifeform: ben_vulpes: otp is a particular very specific thing

asciilifeform: generally, we are interested in the moment of truth.

asciilifeform: 1k.

asciilifeform: rather than 100M turd

asciilifeform: also in the future, folks plz post last 1M max

asciilifeform: not as per his log.

asciilifeform: (no signs of 'blackhole', and node died peacefully)

asciilifeform: http://log.bitcoin-assets.com/?date=06-02-2016#1398158 << this log does not, unfortunately, shed any light. ☝︎

asciilifeform: aha!

asciilifeform: on the other hand, 'the spice must flow.' and if i hear nothing, 'g' is coming out with rsa or cramer-shoup in abusive mode.

asciilifeform: mircea_popescu did learn a useful fact, if he had not already known it, namely that... there are not yet cryptographers

asciilifeform: i'ma let it be

asciilifeform: this is advanced dirigible algebra, prolly beyond my peanut brain.

asciilifeform: iirc mircea_popescu wanted a non-otp that demonstrably doesn't suck

asciilifeform: mircea_popescu laughs at warez aficionados but then wants the things he wants, to fall from the sky for phree

asciilifeform: mircea_popescu: i did not say 'motivate', but enable existing motivated.

asciilifeform: l0l fortune

asciilifeform: i suppose there is c) shout into the dark

asciilifeform: my point was that if you want astronomy, and all you have to work with is astrologers, the only possible thing that could ever work is a) wait 1000 years, be very patient or b) track down promising ones and cut them loose from day job assembling horoscopes

asciilifeform: there is none, because charlatanry.

asciilifeform: i, for instance, would like a boeing. but it does not surprise me that boeings continue to belong to folks who pay for'em

asciilifeform: http://log.bitcoin-assets.com/?date=06-02-2016#1398118 << it remains a challenge to get folks to produce things to scratch your itches when you aren't the one paying. ☝︎

asciilifeform: long before you 'c++', why not try basic naked eye observations.

asciilifeform: is there network traffic ?

asciilifeform: what is the behaviour ? does it respond to rpc ?

asciilifeform: what is in the logs ?

asciilifeform: gernika: wedging ~how~ ?

asciilifeform: lulzy, very very lilienfeld.

asciilifeform: time pad.'

asciilifeform: 'Although in theory Miller can claim priority, reality is more complex. As will be explained below, it is quite unlikely that either he or anyone else ever used his system for real messages; in fact, it is unclear if anyone other than he and his friends and family ever knew of its existence. That said, there are some possible links to Mauborgne. It thus remains unclear who should be credited with effectively inventing the one-